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What is claimed is: 



1 1. An access control system comprising: 

2 a memory which stores necessary information for various processes; 

3 a processor for input/output to a file stored in a storage medium; 

4 a policy file in said memory in which access control policy for said file is 

5 described; 

6 an access controller which determines the validity of a request for access 

7 to said file according to said access control policy; 

8 a monitoring processor which monitors issuance of a file access request 

9 made by means of said input/output processor, notifies said access controller of an issued 

10 file access request and receives the result of validity determination from said access 

1 1 controller; and 

12 an exclusive controller which protects said memory's storage regions in 

13 use by said input/output controller, access controller and monitoring processor and shields 

14 said policy file from an access execution processor other than said input/output controller, 

1 5 access controller and monitoring processor, wherein: 

16 said policy file contains information as an access control policy to identify 

17 the access request source, access execution processor and access type for the file to be 

18 accessed; and 

19 said monitoring processor uses information to identify the access request 

20 source, access execution processor and access type to notify said access controller of said 

21 issued file access request. 

1 2. The access control system as defined in claim 1 , wherein said 

2 access control policy comprises information on an access type prohibited for access to 

3 said file, an error code which is returned to the access request source if said prohibited 

4 type of access occurs, and information to identify the access execution processor and 

5 access request source which are authorized by exception to access the file. 

1 3 . The access control system as defined in claim 2, wherein the access 

2 execution processor described in said access control policy is a program and is identified 

3 by a combination of the program's pathname and feature value. 
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1 4. The access control system as defined in claim 3, said system 

2 having an access log file which registers the content of a file access request, wherein 

3 said access controller checks said rile access request against the 

4 description of said policy file and transmits the result of said validity determination to 

5 said monitoring processor; and 

6 if said access request is authorized, transmits the feature value of said 

7 access execution processor to said monitoring processor; or 

8 if said access request is contrary to said access control policy, registers the 

9 content of said file access request in said access log file. 

1 5. The access control system as defined in claim 4, wherein the 

2 system also incorporates an open file table as well as a processor that, if the access type of 

3 a valid file access request is an open access, registers, in said open file table, the access 

4 type, the file to be accessed and the access request source, and information to identify the 

5 access execution processor, which are obtained as response information from said access 

6 controller; and a processor that, if said access request is a read or write request, searches 

7 said open file table and determines the validity of said access request. 

1 6. The access control system as defined in claim 5, wherein said 

2 monitoring processor also has a processor that, upon detecting a read or write access 

3 request not registered in said open file table, registers the content of said access request in 

4 said access log file through said access controller. 

1 7. The access control system as defined in claim 6, wherein said 

2 monitoring processor also has a processor that, upon detecting a file close request, deletes 

3 the corresponding information from said open file table. 

1 8. The access control system as defined in claim 4, wherein said 

2 access controller performs said check of the access request attribute information against 

3 the description in the policy file if the access type of said file access request is an open 

4 access and the attribute information for the file access request includes information on 

5 read access or write access. 
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1 9. The access control system as defined in claim 8, wherein said 

2 monitoring processor also has a processor that, if said file access request is valid, 

3 calculates the feature value for said access execution processor and compares it with the 

4 feature value received from said access controller; and 

5 a processor that, if the values are the same, authorizes said access request; 

6 and 

7 a processor that, if the values are not the same, invalidates said file access 

8 request and registers the content of the file access in said access log file through said 

9 access controller. 

1 10. An information processing system comprising: 

2 a first OS for controlling a processor for input/output to files and a first 

3 memory processor for exclusive use; a second OS for controlling a second memory 

4 processor for exclusive use; and a communication processor for data communications 

5 between said first OS and second OS, wherein said first OS has a monitoring processor to 

6 monitor a file access request issued to said processor for input/output to files under its 

7 control; 

8 said second OS has an access controller to determine the validity of said 

9 file access request according to the access control policy; and 

10 said monitoring processor notifies said access controller of said access 

1 1 request through said communication processor and receives the result of validity 

12 determination from said access controller through said communication processor. 

1 11. The information processing system as defined in claim 10, wherein 

2 said second OS has a policy file which contains information as said access control policy 

3 to identify the access request source, access execution processor and access type. 

1 12. The information processing system as defined in claim 11, wherein 

2 the access execution processor described in said access control policy is a program and is 

3 identified by a combination of the program's pathname and feature value. 

1 13. The information processing system as defined in claim 12, said 

2 second OS also having an access log file which registers the content of a file access 

3 request, wherein said access controller checks said file access request against the 
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4 description of said policy file and transmits the result of validity determination to said 

5 monitoring processor and, if said access request is authorized, transmits the feature value 

6 of said access execution processor to said monitoring processor, or if said access request 

7 is contrary to said access control policy, registers the content of said file access request in 

8 said access log file. 

1 14. The information processing system as defined in claim 13, wherein 

2 said first OS also incorporates an open file table as well as a processor that, if the access 

3 type of a valid file access request is an open access, registers in said open file table, the 

4 access type, the file to be accessed, the access request source and information to identify 

5 the access execution processor, all of which have been obtained as response information 

6 from said access controller; and a processor that, if a read or write access request is issued 

7 as said access request, searches said open file table and determines the validity of said 

8 access request. 

1 15. The information processing system as defined in claim 14, wherein 

2 said monitoring processor also has a processor that, if it detects a read or write access 

3 request not registered in said open file table, registers the content of said access request in 

4 said access log file through said access controller. 

1 16. The information processing system as defined in claim 15, wherein 

2 said monitoring processor also has a processor that, if it detects a file close request, 

3 deletes the corresponding information from said open file table. 

1 17. The information processing system as defined in claim 13, wherein 

2 said access controller performs said check of the attribute information against said policy 

3 file description if the access type of said file access request is an open access and the 

4 attribute information for the file access request includes information on read access or 

5 write access. 

1 18. The information processing system as defined in claim 1 7, wherein 

2 said monitoring processor also has a processor that, if said file access request is 

3 determined to be valid, calculates the feature value for said access execution processor 

4 and compares it with said feature value received from said access controller; 
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5 a processor that, if the values are the same, authorizes said access request; 

6 and 

7 a processor that, if the values are not the same, invalidates said file access 

8 request and registers the content of the file access in said access log file through said 

9 access controller. 

1 1 9. An access control system for use with an information processing 

2 system comprising: 

3 a first OS for controlling a processor for input/output to files and a first 

4 memory processor for exclusive use; 

5 a second OS for controlling an second memory processor for exclusive 

6 use; and 

7 a communication processor for data communications between said first OS 

8 and second OS, wherein the information processing system has a monitoring processor 

9 which monitors a file access request issued to said processor for input/output to files 

1 0 which is incorporated in and controlled by said first OS; and 

11 an access controller, under the control of said second OS, which 

12 determines the validity of said file access request according to the access control policy, 

1 3 and wherein said monitoring processor notifies said access controller of said access 

1 4 request through said communication processor and receives the result of validity 

1 5 determination from said access controller through said communication processor. 

1 20. A program product comprising programs which are loaded and 

2 executed in an information processing unit provided with a processor for input/output to 

3 files and a memory for storing said files and constitute an access control system on said 

4 information processing unit, and files which are used by said programs, the product 

5 having the following: 

6 a policy file in which an access control policy is described; an access 

7 control program, a monitoring program; and a computer-readable medium to embody said 

8 programs; wherein said access control policy contains information to identify the access 

9 request source, access execution processor and access type for the file to be accessed; and 

1 0 said access control program has codes to enable said information processing unit to 

1 1 determine the validity of the file access request according to said access control policy; 

12 and 
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13 said monitoring program has codes to enable said information processing 

14 unit to monitor issuance of a file access request made by means of said input/output 

15 processor as well as codes to enable said information processing unit to notify said access 

16 control program of the issued file access request using the information to identify the 

17 access request source, access execution processor and access type. 



